CVE-2026-49984: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in kestra-io kestra
Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.23, the local internal-storage backend validates user-supplied paths for .. traversal before it converts Windows-style backslashes to forward slashes. An attacker can therefore smuggle a traversal sequence past the guard using backslashes (..\..\..\); the guard sees a harmless string, and the path is only rewritten to ../../../ after validation, immediately before the file is opened. Any authenticated user who can view an execution (the lowest-privilege role) can call GET /api/v1/{tenant}/executions/{executionId}/file?path=… and read any file on the server filesystem readable by the Kestra process, outside the storage sandbox and across every tenant and namespace. This includes the embedded H2 database (all flows, all users, all stored secrets), internal storage of every other tenant/namespace, mounted secret files, and the process environment (/proc/self/environ) which contains configured database and secret-backend credentials. It is a complete breach of Kestra's storage isolation and multi-tenancy boundary. This vulnerability is fixed in 1.0.45 and 1.3.23.
AI Analysis
Technical Summary
Kestra's local internal-storage backend improperly limits pathname traversal by validating user input before converting Windows backslashes to forward slashes. This allows an authenticated user with the lowest privilege role to bypass the traversal check by using backslash sequences (e.g., ..\..\..\), which are later normalized to ../../../ just before file access. Consequently, the attacker can read any file readable by the Kestra process, including sensitive tenant data, secrets, and environment variables, violating multi-tenancy and storage isolation. The vulnerability is addressed in Kestra versions 1.0.45 and 1.3.23.
Potential Impact
An attacker with authenticated access at the lowest privilege level can read arbitrary files on the server filesystem accessible to the Kestra process. This includes all tenants' data, stored secrets, mounted secret files, and environment variables containing credentials. This results in a complete breach of Kestra's storage isolation and multi-tenancy boundaries, potentially exposing sensitive information and credentials.
Mitigation Recommendations
This vulnerability is fixed in Kestra versions 1.0.45 and 1.3.23. Users should upgrade to at least these versions to remediate the issue. No additional mitigation is indicated in the vendor advisory.
CVE-2026-49984: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in kestra-io kestra
Description
Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.23, the local internal-storage backend validates user-supplied paths for .. traversal before it converts Windows-style backslashes to forward slashes. An attacker can therefore smuggle a traversal sequence past the guard using backslashes (..\..\..\); the guard sees a harmless string, and the path is only rewritten to ../../../ after validation, immediately before the file is opened. Any authenticated user who can view an execution (the lowest-privilege role) can call GET /api/v1/{tenant}/executions/{executionId}/file?path=… and read any file on the server filesystem readable by the Kestra process, outside the storage sandbox and across every tenant and namespace. This includes the embedded H2 database (all flows, all users, all stored secrets), internal storage of every other tenant/namespace, mounted secret files, and the process environment (/proc/self/environ) which contains configured database and secret-backend credentials. It is a complete breach of Kestra's storage isolation and multi-tenancy boundary. This vulnerability is fixed in 1.0.45 and 1.3.23.
CVSS v3.1
Score 7.7high
Affected software
pkg:github/kestra-io/kestraRun on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
Kestra's local internal-storage backend improperly limits pathname traversal by validating user input before converting Windows backslashes to forward slashes. This allows an authenticated user with the lowest privilege role to bypass the traversal check by using backslash sequences (e.g., ..\..\..\), which are later normalized to ../../../ just before file access. Consequently, the attacker can read any file readable by the Kestra process, including sensitive tenant data, secrets, and environment variables, violating multi-tenancy and storage isolation. The vulnerability is addressed in Kestra versions 1.0.45 and 1.3.23.
Potential Impact
An attacker with authenticated access at the lowest privilege level can read arbitrary files on the server filesystem accessible to the Kestra process. This includes all tenants' data, stored secrets, mounted secret files, and environment variables containing credentials. This results in a complete breach of Kestra's storage isolation and multi-tenancy boundaries, potentially exposing sensitive information and credentials.
Mitigation Recommendations
This vulnerability is fixed in Kestra versions 1.0.45 and 1.3.23. Users should upgrade to at least these versions to remediate the issue. No additional mitigation is indicated in the vendor advisory.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-06-02T18:30:51.282Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a3eed5627e9c79719f40535
Added to database: 06/26/2026, 21:21:26 UTC
Last enriched: 06/26/2026, 21:36:24 UTC
Last updated: 06/26/2026, 22:06:35 UTC
Views: 3
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.